On Mon Aug 08 13:52:12 2016, Stephen Henson wrote: >> for some engine-implementations one needs the possibility to change >> the EVP_MD used in signctx_init and verifyctx_init. >> (because different EVP_MD are needed for standalone calculating of the >> digest and calculating the digest during signature-operations.) This >> is only possible if a pointer-pointer is passed through the calls. The >> attached patch (against 1.1.0-pre6) realises this.
>This shouldn't be necessary becasuse the underlying method gets notified >through EVP_PKEY_CTX_set_signature_md() which it can then check >and take appropriate action. Ok, I didn’t see this way (maybe because my first solution was to use ENGINE_set_digest() which didn’t work in my case) but it works. Thanks for the quick hint and please ignore the patch. >If the method wants to change the MD it can set the >EVP_PKEY_FLAG_SIGCTX_CUSTOM flag and then use whatever EVP_MD is appropriate >instead of the passed one. JFTR: Actually the trick is not to use any EVP_MD later, but use EVP_MD_CTX_set_update(). Kind regards Felix Schüller -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4643 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev